Recent /. Posts

Syndicate content Slashdot
News for nerds, stuff that matters
Updated: 10 hours 14 min ago

Next-Gen Thunderbolt: Twice as Fast, But a Different Connector

Tue, 04/22/2014 - 1:12pm
Details have leaked about the next iteration of Intel's Thunderbolt connector. The good news: bandwidth will double, going up to about 40Gbps from its current 20. Power usage will drop by half, and it'll support PCI-e 3.0. The bad news: it uses a redesigned connector, and will rely on adapters for backward compatibility. From the article: "Doubling the available bandwidth will enable next-generation Thunderbolt controllers to drive two 4K displays simultaneously, where current controllers can only drive one. The new controllers will allegedly be compatible with a variety of other protocols as well, including DisplayPort 1.2, USB 3.0, and HDMI 2.0. Intel will offer two different versions of the controller—a version that uses four PCI Express lanes to drive two Thunderbolt ports and an "LP" (presumably "Low Power") version that uses two PCI Express lanes to drive one port."

Read more of this story at Slashdot.








Apple Fixes Major SSL Bug In OS X, iOS

Tue, 04/22/2014 - 12:30pm
Trailrunner7 writes: "Apple has fixed a serious security flaw present in many versions of both iOS and OS X and could allow an attacker to intercept data on SSL connections. The bug is one of many the company fixed Tuesday in its two main operating systems, and several of the other vulnerabilities have serious consequences as well, including the ability to bypass memory protections and run arbitrary code. The most severe of the vulnerabilities patched in iOS 7.1.1 and OSX Mountain Lion and Mavericks is an issue with the secure transport component of the operating systems. If an attacker was in a man-in-the-middle position on a user's network, he might be able to intercept supposedly secure traffic or change the connection's properties."

Read more of this story at Slashdot.








NIST Removes Dual_EC_DRBG From Random Number Generator Recommendations

Tue, 04/22/2014 - 11:49am
hypnosec writes: "National Institute of Standards and Technology (NIST) has removed the much-criticized Dual_EC_DRBG (Dual Elliptic Curve Deterministic Random Bit Generator) from its draft guidance on random number generators following a period of public comment and review. The revised document retains three of the four previously available options for generating pseudorandom bits required to create secure cryptographic keys for encrypting data. NIST recommends that people using Dual_EC_DRBG should transition to one of the other three recommended algorithms as quickly as possible."

Read more of this story at Slashdot.








Lytro Illum Light-Field Camera Lets You Refocus Pictures Later

Tue, 04/22/2014 - 11:07am
Iddo Genuth writes "Earlier today Lytro introduced a new light-field camera called Illum. This is the second camera with this innovative refocusing technology from the California based company founded in 2006. The new camera is a more advanced version of the first camera introduced in 2012. It has a much larger sensor with four times the resolution (Lytro still uses the term megarays instead of megapixels), a much larger and longer zoom lens with a f/2 constant aperture and of course the ability to refocus after you take a picture (the new Illum can refocus on many more points in the image compared to the older version). Users will also have more control of the camera, a larger screen, and the ability to create regular JPEG images or videos made from the refocused images they capture."

Read more of this story at Slashdot.








Ask Slashdot: How Can We Create a Culture of Secure Behavior?

Tue, 04/22/2014 - 10:24am
An anonymous reader writes "Despite the high news coverage that large breaches receive, and despite tales told by their friends about losing their laptops for a few days while a malware infection is cleared up, employees generally believe they are immune to security risks. They think those types of things happen to other, less careful people. Training users how to properly create and store strong passwords, and putting measures in place that tell individuals the password they've created is 'weak' can help change behavior. But how do we embed this training in our culture?"

Read more of this story at Slashdot.








AT&T's Gigabit Smokescreen

Tue, 04/22/2014 - 9:42am
Yesterday AT&T announced it would examine 100 cities and municipalities in the U.S., including 21 metropolitan areas, for introduction of gigabit fiber. Taken on its face, the announcement is the company's response to Google Fiber. But many were quick to note AT&T has promised nothing. Karl Bode at DSLReports went so far as to call AT&T's announcement a giant bluff. "Ever since Google Fiber came on the scene, AT&T's response has been highly theatrical in nature. What AT&T would have the press and public believe is that they're engaged in a massive new deployment of fiber to the home service. What's actually happening is that AT&T is upgrading a few high-end developments where fiber was already in the ground (these users were previously capped at DSL speeds) and pretending it's a serious expansion of fixed-line broadband. It's not. At the same time AT&T is promising a massive expansion in fixed line broadband, they're telling investors they aren't spending much money on the initiative, because they aren't. AT&T's focus is on more profitable wireless. 'Gigapower' is a show pony designed to help the company pretend they're not being outmaneuvered in their core business by a search engine company."

Read more of this story at Slashdot.








Tech People Making $100k a Year On the Rise, Again

Tue, 04/22/2014 - 8:56am
Nerval's Lobster (2598977) writes "Last month, a report suggested that Austin has the highest salaries for tech workers (after factoring in the cost of living), followed by Atlanta, Denver, Boston, and Silicon Valley. Now, a new report (yes, from Dice, because it gathers this sort of data from tech workers) suggests that more tech people are earning six figures a year than ever. Some 32 percent of full-time tech pros took home more than $100,000 in 2013, according to the findings, up from 30 percent in 2012 and 26 percent in 2011. For contractors, the data is even better: In 2013, a staggering 54 percent of them earned more than $100,000 a year, up from 51 percent the previous year and 50 percent in 2011. How far that money goes depends on where you live, of course, but it does seem like a growing number of the world's tech workers are earning a significant amount of cash."

Read more of this story at Slashdot.








Will the Nissan Leaf Take On the Tesla Model S At Half the Price?

Tue, 04/22/2014 - 8:14am
cartechboy (2660665) writes "Ask most people why they won't consider an electric car, and they talk about range anxiety. And I can easily imagine why 84 miles of range isn't enough. Now it sounds like Nissan is listening, as well as watching Tesla's success. The company plans to boost the Leaf electric car's driving range with options for larger battery packs. Not long ago Nissan surveyed Tesla Model S owners, and they probably heard loud and clear that longer driving range is very, very important. So it looks like the Leaf might get up to 150 miles of range, possibly by the 2016 model year. The range increase will come from a larger battery pack, possibly 36 or 42 kWh, and more energy-dense cells. Either way, clearly Nissan is looking to expand the appeal of the world's best-selling electric car, and increasing its driving range is pretty clearly a key to doing so. I just wish Nissan would ditch the weird styling while they're at it."

Read more of this story at Slashdot.








David Auerbach Explains the Inside Baseball of MSN Messenger vs. AIM

Tue, 04/22/2014 - 7:33am
In N+1 magazine, David Auerbach explains what it was like in the "Chat Wars" of the late '90s, when he was the youngest person on the team developing Microsoft's brand-new messaging app, in the face of America Online's AIM, the 900-pound gorilla in the room. Auerbach explains how he used a network analyzer to fake out AOL's servers into letting Microsoft's client connect to AIM as well. "AOL could only block Messenger if they could figure out that the user was using Messenger and not AIM. As long as Messenger sent exactly the same protocol messages to the AOL servers, AOL wouldn’t be able to detect that Messenger was an impostor. So I took the AIM client and checked for differences in what it was sending, then changed our client to mimic it once again. They’d switch it up again; they knew their client, and they knew what it was coded to do and what obscure messages it would respond to in what ways. Every day it’d be something new. At one point they threw in a new protocol wrinkle but cleverly excepted users logging on from Microsoft headquarters, so that while all other Messenger users were getting an error message, we were sitting at Microsoft and not getting it. After an hour or two of scratching our heads, we figured it out." Eventually, though, AOL introduced x86 assembly code into the login protocol, and that not only stymied the MSM team, but led to some interesting warfare of its own. Auerbach's story sheds a lot of light on both good and bad aspects of corporate culture at the start of the 21st century, at Microsoft as well as other companies.

Read more of this story at Slashdot.








David Auerbach Explains the Inside Baseball of MS Messenger vs. AIM

Tue, 04/22/2014 - 7:33am
In N+1 magazine, David Auerbach explains what it was like in the "Chat Wars" of the late '90s, when he was the youngest person on the team developing Microsoft's brand-new messaging app, in the face of America Online's AIM, the 900-pound gorilla in the room. Auerbach explains how he used a network analyzer to fake out AOL's servers into letting Microsoft's client connect to AIM as well. "AOL could only block Messenger if they could figure out that the user was using Messenger and not AIM. As long as Messenger sent exactly the same protocol messages to the AOL servers, AOL wouldn’t be able to detect that Messenger was an impostor. So I took the AIM client and checked for differences in what it was sending, then changed our client to mimic it once again. They’d switch it up again; they knew their client, and they knew what it was coded to do and what obscure messages it would respond to in what ways. Every day it’d be something new. At one point they threw in a new protocol wrinkle but cleverly excepted users logging on from Microsoft headquarters, so that while all other Messenger users were getting an error message, we were sitting at Microsoft and not getting it. After an hour or two of scratching our heads, we figured it out." Eventually, though, AOL started introduced x86 assembly code into the login protocol, and that not only stymied the MSM team, but led to some interesting warfare of its own. Auerbach's story sheds a lot of light on both good and bad aspects of corporate culture at the start of the 21st century, at Microsoft as well as other companies.

Read more of this story at Slashdot.








VK CEO Fired, Says Company Under Kremlin Control

Tue, 04/22/2014 - 6:51am
An anonymous reader writes "The embattled founder of VK, Russia's largest social networking site, said this week that the company is now 'under the complete control' of two oligarchs with close ties to President Vladimir Putin. In a VK post published Monday, Pavel Durov said he's been fired as CEO of the website, claiming that he was pushed out on a technicality, and that he only heard of it through media reports."

Read more of this story at Slashdot.








In the US, Rich Now Work Longer Hours Than the Poor

Tue, 04/22/2014 - 6:10am
ananyo (2519492) writes "Overall working hours have fallen over the past century. But the rich have begun to work longer hours than the poor. In 1965 men with a college degree, who tend to be richer, had a bit more leisure time than men who had only completed high school. But by 2005 the college-educated had eight hours less of it a week than the high-school grads. Figures from the American Time Use Survey, released last year, show that Americans with a bachelor's degree or above work two hours more each day than those without a high-school diploma. Other research shows that the share of college-educated American men regularly working more than 50 hours a week rose from 24% in 1979 to 28% in 2006, but fell for high-school dropouts. The rich, it seems, are no longer the class of leisure. The reasons are complex but include rising income inequality but also the availability of more intellectually stimulating, well-remunerated work." (And, as the article points out, "Increasing leisure time [among less educated workers] probably reflects a deterioration in their employment prospects as low-skill and manual jobs have withered.")

Read more of this story at Slashdot.








Netflix Plans To Raise Prices By "$1 or $2 a Month"

Tue, 04/22/2014 - 5:28am
New submitter Burphytez (3625571) writes with this excerpt of a Reuters story, as carried by the Chicago Tribune: "Video streaming service Netflix Inc said it intends to raise the monthly subscription price for new customers by $1 or $2 a month to help the company buy more movies and TV shows and improve service for its 48 million global subscribers. Investors welcomed the announcement by Netflix, which had suffered from a consumer exodus and stock plunge after it announced an unpopular price increase in July 2011. The company's shares jumped 6.7 percent in after-hours trading to $371.97, after the company released plans for a price hike and posted a rise in first-quarter profit that beat Wall Street expectations."

Read more of this story at Slashdot.








Not Just a Cleanup Any More: LibreSSL Project Announced

Tue, 04/22/2014 - 4:48am
An anonymous reader writes "As some of you may know, the OpenBSD team has started cleaning up the OpenSSL code base. LibreSSL is primarily developed by the OpenBSD Project, and its first inclusion into an operating system will be in OpenBSD 5.6. In the wake of Heartbleed, the OpenBSD group is creating a simpler, cleaner version of the dominant OpenSSL. Theo de Raadt, founder and leader of OpenBSD and OpenSSH, tells ZDNet that the project has already removed 90,000 lines of C code and 150,000 lines of content. The project further promises multi-OS support once they have proper funding and the right portability team in place. Please consider donating to support LibreSSL via the OpenBSD foundation."

Read more of this story at Slashdot.








GitHub Founder Resigns Following Harassment Investigation

Tue, 04/22/2014 - 4:04am
An anonymous reader writes "Late Yesterday, GitHub concluded its investigation regarding sexual harassment within its work force, and although it found no evidence of 'legal wrongdoing,' Tom Preston-Werner, one of its founding members implicated in the investigation resigned. In its statement, GitHub vows to implement 'a number of new HR and employee-led initiatives as well as training opportunities to make sure employee concerns and conflicts are taken seriously and dealt with appropriately.' Julie Ann Horvath, the former GitHub employee whose public resignation last month inspired the sexual harassment investigation, found the company's findings to be gratuitous and just plain wrong."

Read more of this story at Slashdot.








Scammers Lower Comcast Bills, Get Jail Time

Tue, 04/22/2014 - 1:07am
An anonymous reader writes with news about a scam with a twist. The scammers purchased login details to internal Comcast systems from an employee using them to lower the bills of Comcast customers, for a price. "Alston Buchanan, the mastermind of a two-man scam to lower the bills of Comcast customers for a price, pleaded guilty last week and awaits sentencing. His accomplice, Richard Justin Spraggins, who also pleaded guilty in February, will serve 11-23 months in prison and pay Comcast $66,825. Their operation purportedly cost Comcast $2.4 million, and Comcast claims that the loss has forced them to raise the rates on all their customers. However, the allegedly huge financial loss went undetected until a Comcast customer reported his/her suspicions to Comcast customer service."

Read more of this story at Slashdot.








Experts Say Hitching a Ride In an Airliner's Wheel Well Is Not a Good Idea

Mon, 04/21/2014 - 10:53pm
Hugh Pickens DOT Com (2995471) writes "Hasani Gittens reports that as miraculous as it was that a 16-year-old California boy was able to hitch a ride from San Jose to Hawaii and survive, it isn't the first time a wheel-well stowaway has lived to tell about it. The FAA says that since 1947 there have been 105 people who have tried to surreptitiously travel in plane landing gear — with a survival rate of about 25 percent. But agency adds that the actual numbers are probably higher, as some survivors may have escaped unnoticed, and bodies could fall into the ocean undetected. Except for the occasional happy ending, hiding in the landing gear of a aircraft as it soars miles above the Earth is generally a losing proposition. According to an FAA/Wright State University study titled 'Survival at High Altitudes: Wheel-Well Passengers,' at 20,000 feet the temperature experienced by a stowaway would be -13 F, at 30,000 it would be -45 in the wheel well — and at 40,000 feet, the mercury plunges to a deadly -85 F (PDF). 'You're dealing with an incredibly harsh environment,' says aviation and security expert Anthony Roman. 'Temperatures can reach -50 F, and oxygen levels there are barely sustainable for life.' Even if a strong-bodied individual is lucky enough to stand the cold and the lack of oxygen, there's still the issue of falling out of the plane. 'It's almost impossible not to get thrown out when the gear opens,' says Roman. So how do the lucky one-in-four survive? The answer, surprisingly, is that a few factors of human physiology are at play: As the aircraft climbs, the body enters a state of hypoxia—that is, it lacks oxygen—and the person passes out. At the same time, the frigid temperatures cause a state of hypothermia, which preserves the nervous system. 'It's similar to a young kid who falls to the bottom of an icy lake," says Roman. "and two hours later he survives, because he was so cold.'"

Read more of this story at Slashdot.








Our Education System Is Failing IT

Mon, 04/21/2014 - 8:04pm
Nemo the Magnificent (2786867) writes "In this guy's opinion most IT workers can't think critically. They are incapable of diagnosing a problem, developing a possible solution, and implementing it. They also have little fundamental understanding of the businesses their employers are in, which is starting to get limiting as silos are collapsing within some corporations and IT workers are being called upon to participate in broader aspects of the business. Is that what you see where you are?"

Read more of this story at Slashdot.








The Science Behind Powdered Alcohol

Mon, 04/21/2014 - 6:10pm
Daniel_Stuckey (2647775) writes "Last week, the US Alcohol and Tobacco Tax and Trade Bureau approved Palcohol, a powdered alcohol product that you can either use to turn water into a presumably not-that-delicious marg or to snort if you don't care too much about your brain cells. It's the first time a powdered alcohol product has been approved for sale in the US, but not the first time someone has devised one, and such products have been available in parts of Europe for a few years now. Now you may be wondering, as I was, how the heck do you go about powdering alcohol? As you might expect, there's quite a bit of chemistry involved, but the process doesn't seem overly difficult; we've known how to do it since the early 1970s, when researchers at the General Foods Corporation (now a subsidiary of Kraft) applied for a patent for an 'alcohol-containing powder.'" It turns out the labels were issued in error, so don't expect it to be available soon. But it does appear to be a real thing that someone is trying to have approved.

Read more of this story at Slashdot.


The Science Behind Powdered Alcohol

Mon, 04/21/2014 - 6:10pm
Daniel_Stuckey (2647775) writes "Last week, the US Alcohol and Tobacco Tax and Trade Bureau approved Palcohol, a powdered alcohol product that you can either use to turn water into a presumably not-that-delicious marg or to snort if you don't care too much about your brain cells. It's the first time a powdered alcohol product has been approved for sale in the US, but not the first time someone has devised one, and such products have been available in parts of Europe for a few years now. Now you may be wondering, as I was, how the heck do you go about powdering alcohol? As you might expect, there's quite a bit of chemistry involved, but the process doesn't seem overly difficult; we've known how to do it since the early 1970s, when researchers at the General Foods Corporation (now a subsidiary of Kraft) applied for a patent for an 'alcohol-containing powder.'" It turns out the labels were issued in error, so don't expect it to be available soon. But it does appear to be a real thing that someone is trying to have approved.

Read more of this story at Slashdot.